Please share with the community what you think needs improvement with AWS CloudFormation.
What are its weaknesses? What would you like to see changed in a future version?
CloudFormation is not particularly good at handling cross-account dynamic references. If you try to refer to an object that CloudFormation has created in a separate AWS account, it tends to fall apart. That's because it is a byproduct of the multi-tenant configuration. This is the most glaring shortcoming from my perspective because you can't dynamically reference objects in other accounts that CloudFormation has created, but it is not a shortcoming that you can't overcome. This is the only pain point that I've come across that didn't have a workaround natively. Sometimes the confirmation is slow, and it could be faster. The downside to CloudFormation when you're fully embracing it is that the AWS services do not get released immediately fully CloudFormation-enabled. If you need to use the latest AWS service that just got announced or reinvented, you're not going to be able to continue with CloudFormation for the first X number of months. This is because they develop the products separately, and then they hand them to the CloudFormation team, which later on develops a CloudFormation integration. So, if you need to be on the newest thing AWS has, CloudFormation is often going to be a constraint that prevents you from doing that.
The one bit of a drawback is that CloudFormation is only available in AWS. When I have to work on other clouds or somebody has a configuration to be done in an on-prem data center, there's no way for me to use it. It is what it is; AWS does not apparently intend to make this available all over. The three big players in this area are Ansible, Terraform, and CloudFormation — except CloudFormation can only be used on AWS! I would like to see less verbosity and better isolation. One area that may be improved would be using variables as parameters in templates. This would make it a lot more flexible. I don't know how soon that's going to happen because I'm trying to think from a developer's point of view - the guys that actually have to write and support all these features that I dream about. Frankly, to evolve it but also maintain compatibility with what's in place now may be a serious challenge.
The customization is weak. Whether it is good or not depends on the customer's use case. The solution needs to offer better support to other cloud vendors. The solution requires Kubernetes support including container ops and staging support.
This tool is not intuitive and there are others that are easier to understand. It is very powerful but it can be developed to make it much easier to use. The learning curve is pretty steep. Unless you have been working with it for a long time, looking at a CloudFormation template is a tough job. The aim should be usability for a person with a non-coding background. There are a lot of syntax and components that require you to look at the documentation, whereas with the inclusion of a few drop-down menus and choices, it would be much easier to work with. You can have CloudFormation create a template based on your existing infrastructure, but not all of the services are included. For example, if you manually set up an environment and you have put in all of the scaling information, then you can extract the entire infrastructure and get back a template. CloudFormation is then capable of recreating the environment, but it might not have the scaling included automatically.
Are there any significant advantages in addition to using IaC tools for automation? What tools are the top leaders in this category?